114 Security Architecture jobs in Singapore

Zero Trust Strategy and Implementation:

• Develop and execute the Zero Trust programme roadmap, ensuring alignment with organizational security objectives

• Design and implement ZTA components, including identity-based access controls, micro-segmentation, and secure application access

• Oversee the migration from LAN and VPN-based access to ZTNA, ensuring minimal disruption to business operations

Stakeholder and Cross-Functional Coordination:

• Collaborate with infrastructure, security, application, and user teams to align Zero Trust policies with business requirements

• Act as the key advisor to senior leadership on Zero Trust matters and secure buy-in from business units

• Manage stakeholder expectations and provide regular progress updates and risk assessments

Security Operations and Risk Management:

• Ensure continuous monitoring and adaptation of Zero Trust policies to address emerging threats

• Develop and enforce security policies aligned with industry standards (e.g., NIST, ISO 27001)

• Oversee incident response processes and ensure rapid resolution of access-related issues

User Experience and Change Management:

• Develop a user adoption strategy to drive awareness and acceptance of new access controls

• Minimize user friction by balancing security controls with operational needs

• Conduct training and communication campaigns to support the transition

Compliance and Governance:

• Ensure that all Zero Trust controls comply with relevant regulatory and data privacy requirements

• Establish governance structures to monitor adherence and policy effectiveness

• Provide regular reports to executive leadership and audit teams

Education and Experience:

• Bachelor’s degree in Computer Science, Information Security, or a related field

• At least 10 years of experience in cybersecurity, network security, or infrastructure management

• Proven experience in leading large-scale security transformation programmes

Technical Expertise:

• Deep understanding of Zero Trust Architecture principles and frameworks

• Expertise in identity management, network segmentation, and secure access models
  Knowledge of cloud and hybrid security models (e.g., AWS, Azure, Google Cloud)

Functional and Leadership Skills:

• Strong programme and project management skills

• Excellent communication and stakeholder management abilities

• Experience in managing cross-functional teams and resolving complex technical issues

Problem-Solving and Decision-Making:

• Ability to design and implement complex security solutions

• Strong analytical skills and a strategic mindset to balance security with business needs

• Experience in handling high-stakes security incidents and operational challenges

Compliance and Risk Management:

• Familiarity with security frameworks (e.g., NIST, ISO 27001) and regulatory requirements

• Experience in developing and enforcing security policies across a large enterprise

DRW is a diversified trading firm with over 3 decades of experience bringing sophisticated technology and exceptional people together to operate in markets around the world. We value autonomy and the ability to quickly pivot to capture opportunities, so we operate using our own capital and trading at our own risk.

Headquartered in Chicago with offices throughout the U.S., Canada, Europe, and Asia, we trade a variety of asset classes including Fixed Income, ETFs, Equities, FX, Commodities and Energy across all major global markets. We have also leveraged our expertise and technology to expand into three non-traditional strategies: real estate, venture capital and cryptoassets.

We operate with respect, curiosity and open minds. The people who thrive here share our belief that it’s not just what we do that matters–it's how we do it. DRW is a place of high expectations, integrity, innovation and a willingness to challenge consensus.

We are seeking a Network Security Engineer to join the network security team to ensure that our infrastructure and networks are properly protected. They will design, coordinate and implement security controls, audit configurations, and design networks in a hybrid compute environment. A successful candidate will have an attention to detail, the ability to understand what impacts their changes have on the network and relevant associated services.

What you’ll be doing:

• Collaborate with cross-functional security, technology, and trading teams to design and deploy innovative solutions that enhance both system integrity and trading performance.
• Actively contribute to the design, implementation, and maintenance of mission-critical trading infrastructure that drives resilient and scalable market operations.
• Implement robust strategies to reduce network risks by leveraging micro-segmentation, port-based security, and other innovative methods.
• Evaluate, diagnose, and implement effective network security solutions such as firewalls, network detect and response, intrusion prevention systems (IPS), and VPN concentrators to improve our network security and ensure reliable remote access.
• Leverage automation, AI, and other emerging and innovative technologies to continuously enhance our ability to detect and respond to security events.
• Perform in-depth analysis of network packet captures to investigate security incidents and identify areas for improvement.
• Continuously seek opportunities to automate tasks and streamline security operations for improved efficiency and effectiveness.

What we’re looking for:

• You are passionate about solving complex problems that enable our company to securely connect from anywhere globally to facilitate new business opportunities.
• You are a network security engineer who thrives on designing, implementing, and supporting cutting-edge security systems that keep our network safe from emerging threats.
• You can get your hands dirty with hands-on experience in firewalls, client VPNs, SASE, NDR, and IDS solutions.
• You enjoy scripting and coding to automate processes and reduce repetitive work.
• You have a solid understanding of TCP, UDP, IP, the OSI Model, and Layer 1-4 & 7 principles and security protocols.
• You are a dedicated professional who isn’t afraid of stepping up for on-call duties—even if it means working nights or weekends.
• You are someone that continuously seeks innovative improvements to drive high-quality, state-of-the-art, and effective security solutions.
• You are an effective communicator, able to translate complex technical insights into clear, actionable strategies that resonate with cross-functional teams.

DRW is a diversified trading firm with over 3 decades of experience bringing sophisticated technology and exceptional people together to operate in markets around the world. We value autonomy and the ability to quickly pivot to capture opportunities, so we operate using our own capital and trading at our own risk.

Headquartered in Chicago with offices throughout the U.S., Canada, Europe, and Asia, we trade a variety of asset classes including Fixed Income, ETFs, Equities, FX, Commodities and Energy across all major global markets. We have also leveraged our expertise and technology to expand into three non-traditional strategies: real estate, venture capital and cryptoassets.

We operate with respect, curiosity and open minds. The people who thrive here share our belief that it’s not just what we do that matters–it's how we do it. DRW is a place of high expectations, integrity, innovation and a willingness to challenge consensus.

We are seeking a Network Security Engineer to join the network security team to ensure that our infrastructure and networks are properly protected. They will design, coordinate and implement security controls, audit configurations, and design networks in a hybrid compute environment. A successful candidate will have an attention to detail, the ability to understand what impacts their changes have on the network and relevant associated services.

What you’ll be doing:

• Collaborate with cross-functional security, technology, and trading teams to design and deploy innovative solutions that enhance both system integrity and trading performance.
• Actively contribute to the design, implementation, and maintenance of mission-critical trading infrastructure that drives resilient and scalable market operations.
• Implement robust strategies to reduce network risks by leveraging micro-segmentation, port-based security, and other innovative methods.
• Evaluate, diagnose, and implement effective network security solutions such as firewalls, network detect and response, intrusion prevention systems (IPS), and VPN concentrators to improve our network security and ensure reliable remote access.
• Leverage automation, AI, and other emerging and innovative technologies to continuously enhance our ability to detect and respond to security events.
• Perform in-depth analysis of network packet captures to investigate security incidents and identify areas for improvement.
• Continuously seek opportunities to automate tasks and streamline security operations for improved efficiency and effectiveness.

What we’re looking for:

• You are passionate about solving complex problems that enable our company to securely connect from anywhere globally to facilitate new business opportunities.
• You are a network security engineer who thrives on designing, implementing, and supporting cutting-edge security systems that keep our network safe from emerging threats.
• You can get your hands dirty with hands-on experience in firewalls, client VPNs, SASE, NDR, and IDS solutions.
• You enjoy scripting and coding to automate processes and reduce repetitive work
• You have a solid understanding of TCP, UDP, IP, the OSI Model, and Layer 1-4 & 7 principles and security protocols.
• You are a dedicated professional who isn’t afraid of stepping up for on-call duties—even if it means working nights or weekends
• You are someone that continuously seeking innovative improvements to drive high-quality, state-of-the-art, and effective security solutions.
• You are an effective communicator, able to translate complex technical insights into clear, actionable strategies that resonate with cross-functional teams.

For more information about DRW's processing activities and our use of job applicants' data, please view our Privacy Notice at .

California residents, please review the California Privacy Notice for information about certain legal rights at .

#LI-PR1

• Proven experience in a network support role, with a strong focus on datacenter and building networks.
• In-depth knowledge of firewall management and experience with firewall technologies, including Checkpoint and Palo Alto.
• Proficiency in supporting a variety of network devices, including Cisco routers and switches.
• Familiarity with WAN and LAN technologies, including routing protocols and network segmentation.
• Strong troubleshooting and analytical skills, with the ability to diagnose and resolve complex network issues.
• Relevant certifications in network technologies, such as CCNA, CCNP, Check Point Certified Systems Administrator (CCSA), and Palo Alto Networks Certified Network Security Engineer (PCNSE), are advantageous.

Join to apply for the Network Security Engineer role at TEKsystems .

We’re looking for a hands-on Network Security Expert to join our team. You'll support daily operations, manage incidents and changes, and work across teams to implement key security solutions.

• Manage and troubleshoot Palo Alto firewalls, F5 load balancers, Zscaler (ZIA/ZPA), and Cisco ISE
• Support Okta integrations (SSO/MFA) and CyberArk for privileged access
• Analyze network/security designs to improve performance and reduce risks
• Work closely with access and infrastructure teams
• Participate in monthly on-call rotation for critical systems

• Experience with Palo Alto, F5 LTM, Zscaler, and Cisco ISE
• Familiar with Okta, CyberArk, and Active Directory
• Strong troubleshooting and documentation skills
• Team player, comfortable in agile environments

• Certifications (e.g., PCNSE, CCNP Security, Zscaler Certified)
• Scripting or automation (Ansible, Terraform)
• Knowledge of IAM, PKI, and certificate-based access

Note: The original job description contained duplicate content and irrelevant sections; these have been removed for clarity and focus.

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

We’re searching for aNetwork & Security Engineer to be part of our diverse team of talent here at NCS!

Overview

As a Network & Security Engineer, you will be responsible for the initial support and maintenance of OneCare’s client. This role provides 24x7 standby onsite and remote troubleshooting support, onsite HW replacement, security patches and firmware or software upgrade of Network and Security devices while ensuring SLA contractual obligation is meet.

What will you do?

Network and Security Maintenance

• Perform routine network maintenance and system upgrades, including service packs, patches, and hot fixes.
• Hardware replacement which requires prepping up the replacement device with same firmware/software and patches with faulty device. This also requires basic to intermediate configuration.

Troubleshooting and Support

• Identify and resolve network and security issues promptly.
• Provide technical support to end-users and escalate issues to higher-level engineers when necessary.
• Document network problems and resolutions for future reference.
• Basic and/or Intermediatory skill in switches, routers or f5
• Basic and/or Intermediatory skill in Firewalls eg Fortinet, Checkpoint and/or Palo Alto

Security Management

• Adherence to all clients Security and Cyber hygiene policies.
  Respond to security audits and vulnerability assessments.
• Part of the 24x7 rotational standby to support all clients 24x7 ensuring meeting SLA.
• Respond to network and security incidents.
• Participate in incident response drills and post-incident reviews.
• Follow all processes, including timely escalation to senior engineers.

Documentation and Reporting

• Conduct and maintain accurate and up to date Preventive Maintenance report where contractually obligated.
• Daily regular accurate update of incident tickets.
• Collaborate with other engineers to ensure comprehensive documentation of network and security procedures/SOP.

The ideal candidate should possess:

• Diploma /Degree in Computer Science / Computer Engineering / Information Technology related field, or IT equivalent
• Network and security Internship experience or minimally 1 year of related experience or exposure
• Good knowledge network and firewalls
• Self-motivated with a positive “can-do” attitude, creative with excellent presentation, communication, negotiation and interpersonal skills including strong persuasive techniques.
• Ability to develop and maintain respectful and trusting relationship
• Proficient in written and spoken English
• Able to travel as required

We are driven by ourAEIOU beliefs - Adventure, Excellence, Integrity, Ownership, and Unity - and we seek individuals who embody these values in both their professional and personal lives. We arecommitted to our Impact: Valuing our clients, Growing our people, and Creating our future.

Together, wemake the extraordinary happen .

• Support Okta integrations (SSO/MFA) and CyberArk for privileged access
• Analyze network/security designs to improve performance and reduce risks
• Work closely with access and infrastructure teams

We’re looking for a hands-on Network Security Expert to join our team. You'll support daily operations, manage incidents and changes, and work across teams to implement key security solutions.

Key Responsibilities:

• Manage and troubleshoot Palo Alto firewalls , F5 load balancers , Zscaler (ZIA/ZPA) , and Cisco ISE
• Support Okta integrations (SSO/MFA) and CyberArk for privileged access
• Analyze network/security designs to improve performance and reduce risks
• Work closely with access and infrastructure teams
• Participate in monthly on-call rotation for critical systems

Requirements:

• Experience with Palo Alto , F5 LTM , Zscaler , and Cisco ISE
• Familiar with Okta , CyberArk , and Active Directory
• Strong troubleshooting and documentation skills
• Team player, comfortable in agile environments

Nice to Have:

• Certifications (e.g., PCNSE, CCNP Security, Zscaler Certified)
• Scripting or automation (Ansible, Terraform)
• Knowledge of IAM, PKI, and certificate-based access

We regret to inform that only shortlisted candidates will be notified .

EA Registration No:NG XUAN,R24123530

Allegis Group Singapore Pte Ltd, Company Reg No. 200909448N, EA License No. 10C4544

JD-Network security Engineer

• Execute operational tasks for network security solutions, including network firewalls, intrusion prevention systems (IPS), proxies and web application firewalls (WAF).
• Monitor the performance and maintain network security solutions.
• Utilise various tools and solutions to troubleshoot and diagnose network problems.
• Identify and provide insight on WAF violations.
• Post office-hours activation for support and troubleshooting.
• Perform data tabulation and report extraction.
• Configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS)
• Perform network maintenance and system upgrades including service packs, patches, hot fixes and security configurations
• Monitor performance and ensure system availability and reliability
• Monitor system resource utilization, trending, and capacity planning
• Provide Level-2/3 support and troubleshooting to resolve issues
• Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure
• Select and implement security tools, policies, and procedures in conjunction with the company’s security team
• Liaise with vendors and other IT personnel for problem resolution
• Handle request and perform necessary network configuration.
• Coordinate the troubleshooting and incident root cause analysis for the managed equipment. It might include troubleshooting with other parties
• Review new release of vulnerabilities and provide recommendation to HDB. It includes obtaining of firmware, schedule and coordinate firmware patching with testers.

Requirements and skills

• Possess knowledge on networking protocols and technologies like TCP/IP, VLANs, VPNs, and routing/switching.
• Possess fundamental application security knowledge like interpretation of HTTP response status codes and WAF violations. Higher proficiency in application security knowledge to advice on remediation measures is an added advantage, but not mandatory.
• Proficient with network equipment from vendors like Palo Alto, Check Point, Trend Micro, Fortinet and F5.
• Experience in solutions that supports the primary job tasks, like Network Performance Monitoring (NPM) and Security Information and Event Management (SIEM).
• Understanding of network security best practices and tools.
• Strong problem-solving skills and ability to work under pressure. Willingness to learn.
• Fundamental skills on Microsoft Office products like Word and Excel.
• Additional certifications like CCNA, CCNP or product (with reference to products listed above) certifications are a plus.

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company.

We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us!

The Cloudflare Customer Support Team solves complicated problems and answers technical questions via phone, email, chat and social media. Whether it is a Wordpress blogger using our services for free or a global Enterprise business with petabytes of web traffic, we are always eager to assist. We are the eyes and ears of Cloudflare, acting as the real-time voice of the customer to help communicate their needs and real-world use cases back to the rest of the company - for better service and future product development.

Do you love solving complex technical issues and interacting with people? Are you passionate about providing premium-level support to customers and are a standout colleague? Cloudflare is seeking an experienced Network Security Engineer to join our team and support our largest and most technically sophisticated customers in resolving technical problems, threats or attacks on their infrastructure at OSI Layers 3, 4, and 7. This will span the range of Cloudflare products from Magic Transit Infrastructure Protection, Argo Smart Routing, DDoS mitigation and Network Firewall, to using the Web Application firewall (WAF), Spectrum and Rate Limiting to help customers.

• Serve as a trusted technical advisor for our enterprise customers, responding to and resolving inquiries and incidents related to network security and performance, while delivering timely, high-quality and personalized assistance.
• Work directly with customers to diagnose, troubleshoot and resolve complex technical issues involving DDoS mitigation, firewall rules, SSL/TLS, network confirmation, and other security configurations.
• Create and maintain knowledge base articles, technical guides, and troubleshooting documentation for internal and customer use.
• DDoS mitigation for OSI layers 3,4, & 7: advise customers on how to filter malicious traffic using Cloudflare tools like Magic Transit, Network Firewall, WAF, IP reputation lists, packet inspection, blocklisting, allowlisting, and rate limiting
• Work with Engineering and Product teams to improve products and tools

• You have a minimum of 4 years experience working as a Network Security Engineer / Technical Support Engineer / Sr. Support Engineer supporting networking or web security products.
• Exceptional troubleshooting and problem-solving skills, with the ability to simplify complex concepts for customers.
• Strong customer service orientation and communication skills, both written and verbal, fluent in English and preferably a second language like Mandarin, Hindi, Tamil, Korean or Japanese.
• Ability to work independently and collaboratively in a fast-paced, dynamic environment.
• Strong understanding of network protocols, including TCP/IP, DNS, HTTP/S, and BGP, with a particular focus on anycast routing concepts and implementation, as well as tools such as iptables and looking glass.
• Proven experience troubleshooting network connectivity issues, BGP routing, and GRE tunnels, and performing packet capture analysis
• Confident with command line and tools, including curl, dig, traceroute, openssl, git
• Experience in a web development and / or hosting environment such as installing and configuring web servers like Apache, Nginx, Caddy and IIS
• You have worked with PostgreSQL, MySQL, MS SQL, and other database servers
• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
• Relevant certifications such as CISSP, GCIA GCIH, GCFA, GCFE or equivalent.

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo : Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost.

Athenian Project : In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project, we've provided services to more than 425 local government election websites in 33 states.

1.1.1.1 : We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer.

Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at or via mail at 101 Townsend St. San Francisco, CA 94107.

*

indicates a required field

First Name *

Last Name *

Email *

Phone *

Location (City) *

Resume/CV *

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Legal Name (if different than above)

How did you hear about this job? *

Are you currently based in any of these locations: Singapore, Sydney, Tokyo, or Kuala Lumpur? * Select.

Do you now or will you in the future require immigration sponsorship to work at Cloudflare in Singapore? * Select.

Do you now or will you in the future require immigration sponsorship to work at Cloudflare Australia? * Select.

Do you now or will you in the future require immigration sponsorship to work at Cloudflare Japan? * Select.

Do you now or will you in the future require immigration sponsorship to work at Cloudflare in Malaysia? * Select.

Please review and acknowledge Cloudflare's Candidate Privacy Policy (cloudflare.com/candidate-privacy-notice/). *